
Rajan Kharat

Information Security Auditor (PCI DSS, ITGC And ISO 27001)

Summary

Certified Information Systems Auditor (CISA) and experienced PCI DSS Auditor with strong expertise in IT audit, compliance assessments, and risk management. Skilled in conducting end-to-end PCI DSS gap assessments, compliance validations, and control testing for diverse industries including BFSI, telecom, and IT services. Adept at evaluating IT General Controls (ITGC), application controls, access management, and incident response processes. Proven ability to work with cross-functional teams to ensure compliance with regulatory and industry standards while strengthening security posture.

Overview

9 years of professional experience
8 Certifications

Work History

Information Security Consultant

Lead Consultant
08.2016 - Current

PCI DSS Auditor

  • Conducted PCI DSS audits (v3.2.1 / v4.0), including scoping, evidence collection, and testing of controls for merchants and service providers.
  • Performed gap assessments and provided remediation guidance for encryption, key management, and cardholder data storage requirements.
  • Reviewed firewall configurations, segmentation controls, access management, and vulnerability management processes to validate compliance.
  • Authored ROC (Report on Compliance) and Attestation of Compliance (AOC) documents in line with PCI SSC guidelines.
  • Worked with client teams to design compensating controls where standard requirements were not feasible.
  • Worked with the National Payments Corporation of India (NPCI) to ensure compliance with Information Technology general controls.
  • Working with various Asian banks for PCI DSS compliance.
  • Performed remote and onsite network penetration testing and vulnerability assessment audits for industry-leading BPOs, call centers, and banks across the globe—mainly in the Asia and Middle East regions.
  • Collaborated with third-party payment card industry (PCI) compliance partners.
  • Performed application penetration testing audits, mainly for banking and credit card applications, shopping cart applications, payment switch and payment gateway applications, and mobile applications.
  • Performed firewall rule-set reviews for the client base across the globe.

Education

Bachelor of Engineering - Electronics And Telecommunication

Bachelor of Engineering From Y.T.I.E.T
Karjat
06.2011 - 2015.08

Skills

External and Internal Vulnerability Assessments

Vulnerability assessment

Cybersecurity strategy

Application security

Network security

Compliance auditing

Network security management

Patch management

Security risk assessment

Problem-solving abilities

Network protocols

Certification

Certified Ethical Hacking

Timeline

CISA - Certified Information Systems Auditor (ISACA)

08-2025

Swift Network

05-2025

Information Security Consultant

Lead Consultant
08.2016 - Current

Bachelor of Engineering - Electronics And Telecommunication

Bachelor of Engineering From Y.T.I.E.T
06.2011 - 2015.08